Encryption is one the best ways to protect personally identifiable information (PII) and other sensitive data. However, it can be untargeted, costly, and cumbersome to implement or modify. And beyond application, algorithm, and encryption-key-management decisions, there are considerations like authentication and tokenization, format preservation, and referential integrity.

Standalone, data-centric PII encryption solutions addressing multiple database table and flat file formats (.txt, .csv, .sam, .dat, .xml, ldif, etc.), as well as IoT and other data streams, are few and far between. Most of the data masking solutions that can encrypt more than a single database are limited in source scope and functionality, or are very expensive otherwise.

Meanwhile, hardware-based encryption and appliances that protect entire networks, machines, databases, disks, or files are inefficient, and overkill. They restrict access to everything, while only sensitive fields need protecting. And if decryption occurs, everything is exposed at once.

Solutions

Software products in both the IRI Voracity platform and IRI Data Protector suite nullify the effect of data breaches by protecting PII at the field level across multiple data sources. IRI FieldShield and the SortCL program in Voracity or IRI CoSort all include 3DES, AES, FIPS-compliant OpenSSL, and GPG encryption/decryption libraries. IRI CellShield for Excel includes several compatible ones as well.

They also provide a broad range of other static data masking (SDM) and dynamic data masking (DDM) functions and methods -- and allow your own -- as part of an overall data loss prevention (DLP) strategy.

Consider these benefits:

Flexibility

Efficiency

Security

Encrypt only the sensitive data. Leave remaining fields in the table or file alone and otherwise ready for operations.